Hi again, I'm succesful at limiting the returned blog posts according to the users rights, the problem here is that once you have rights to a certain blog post, you're able to see all the tags associated with this post even though you aren't allowed to see some of these tags.
I'm looking for a (kind of generic) way to limit the tags collection based on the users right while fetching a blog post, without looping through the tags collection ourselves and check for the rights. On Apr 10, 11:33 am, Ayende Rahien <[email protected]> wrote: > Yes, that is the idea, you limit your query by the permissions the user is > allowed to see. > > > > On Fri, Apr 10, 2009 at 12:24 PM, BennyM <[email protected]> wrote: > > > Let's take the example of a blog post with tags. Each user can create > > tags and add them to the post to find the posts back at a later time. > > > When the user views the blog post all tags that the user is allowed to > > view are displayed with the post. > > > How should this scenario be handled? Should I, after fetching the blog > > post, run trough all its tags to see if the user has sufficient rights > > on them, this is an 'easy' approach but doesn't feel right. > > > Or is it possible to do (or add to RS) something like, > > AddPermissionsToQuery(user, "/blog/view", criteria) where my criteria > > would load the blog post and add the security on the associated tags > > collection something like AddPermissionsToQuery(user, "/tags/ > > view","Tags", criteria). > > > public class Blog > > { > > public IList<Tags> Tags{get;set;} > > } > > > Thanks for your help!- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Rhino Tools Dev" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rhino-tools-dev?hl=en -~----------~----~----~----~------~----~------~--~---
